CCI Blog

Monday, 6 July 2015

New Detection Technologies: Ouija 2.0 takes care of Critical Infrastructure

In my last post on the CCI Blog, I described how the American Water Works Association Cyber Security Framework didn’t address measures for detecting Cyber Security events in these control systems.

Today I saw a good Tweet (as always) from our colleague Joel Langill (@SCADAhacker) advising about a new Tripwire study on Critical Infrastructure. In their study they stated that “86% energy security professionals believe they can detect a breach on critical systems in less than 1 week”, and suddenly I remembered the last CCI report on Industrial Cyber Security for Spain in 2015. According to that report, these were the Cyber Security solutions deployed on those Networks:

As you can see, SIEM, event correlation, IDS and IPS technologies are not very popular in such organizations, so the questions are:

· Who has responded in the Tripwire survey? (Surely not Spanish Industrial companies)

· If you are not monitoring cyber security events, how can you detect them?

· Why has Duqu 2.0 been hitting?

The only rational response to this astonishing detection rate of 86% is ... Ouija!!!! (Of course, version 2.0, with SNMP and syslog support)

Enrique Martín García (Telvent Global Services)
